SignerInfo.CheckSignature 抛出异常 "Parameter is incorrect"

SignerInfo.CheckSignature throws out exception "Parameter is incorrect"

有一种方法(这里简化)可以验证数字签名。当我尝试检查签名文件时,方法 SignerInfo.CheckSignature 中出现错误“参数不正确”。不管我传递什么参数。这是在生产服务器上发生的,我无法在自己身上重现同样的错误——一切正常。签名和证书链有效。代码和证书集合对于开发和生产服务器是相同的。

public string Check(byte[] fileBytes)
{
    X509Store store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
    store.Open(OpenFlags.MaxAllowed);
    X509Certificate2Collection collection = new X509Certificate2Collection(store.Certificates);
    store.Close();
    byte[] encodedSignedCms = fileBytes;
    SignedCms signedCms = new SignedCms();
    signedCms.Decode(encodedSignedCms);
    if (signedCms.SignerInfos.Count == 0)
        return ("not found");
    SignerInfoEnumerator enumerator = signedCms.SignerInfos.GetEnumerator();
    while (enumerator.MoveNext())
    {
        SignerInfo current = enumerator.Current;
        try
        {
            //any of these methods will return the same error
            current.CheckSignature(true);
            current.CheckSignature(collection, true);
            current.CheckSignature(collection, false);
        }
        catch (CryptographicException e)
        {
            //parameter is incorrect
            return ("error");
        }
    }
    return ("success");
}

错误:

MESSAGE: parameter is incorrect
INNEREXCEPTION: null
STACKTRACE: in System.Security.Cryptography.Pkcs.SignerInfo.Verify(X509Certificate2Collection extraStore, X509Certificate2 certificate, Boolean verifySignatureOnly) in System.Security.Cryptography.Pkcs.SignerInfo.CheckSignature(X509Certificate2Collection extraStore, Boolean verifySignatureOnly) in ProjectName.Controllers.SignatureController.Check(Byte[] fileBytes). 
TARGETSITE: Void Verify(System.Security.Cryptography.X509Certificates.X509Certificate2Collection, System.Security.Cryptography.X509Certificates.X509Certificate2, Boolean)

技术信息:

ASP.NET MVC
Production: Windows Server 2016. Net Framework 4.8. IIS 10. 
Development: Windows 7 Pro or Windows Server 2016. Net Framework 4.8. Visual Studio 2015

我可以修复或检查什么?提前致谢。

我注意到打开任何证书时都没有显示链。并显示错误“验证信任时发生系统级错误”。我找到了重新安装加密提供程序的建议。就我而言,它是 Crypto Pro CSP。之后,证书链正确排列,代码运行良好。这很可能发生在 Windows 更新之后。